The rapid growth in Internet usage has increased the dependency on information stored and communicated by businesses and individuals. In particular, growth in DSL and cable modem usage by consumers and businesses and increased business-to-business Internet activity have contributed to this dependency. As the desire for confidentiality, authenticity, and integrity increases, an increasing proportion of this information is sent in secure or encrypted form. Also, an increasing proportion of electronic communication will occur at increasingly fast speeds.
Secure communications are desirable for sensitive activities like on-line financial transactions or the transmission of personal medical information, but can require significantly increased processing demands at both ends of a communications session. This processing demand is further increased as communication bandwidth improves and increases the volume of data for security processing. As the demand for secure Internet communication increases, security processing needs consume ever increasing proportions of the available central processing capability of communications network servers.
In secure Internet communication, for example, Internet Protocol (IP) communication servers encrypt, decrypt, sign and authenticate inbound and outbound data packets to accomplish typical IP communication. Cryptographic processors and other devices accomplish or share some of the cryptographic processing load such as the encrypting, decrypting and authenticating of data packets.
Modern cryptographic devices typically contain a processor that exercises a cryptographic algorithm in combination with a private or public key(s). The processor (and, more particularly, the processor core) can be formed in hardware, such as in an application-specific integrated circuit (ASIC) so the cryptographic algorithm and/or key(s) can be hard-coded at the time of manufacture, or in software, such as in a field-programmable device so the cryptographic algorithm and key(s) can be upgraded and reprogrammed easily.
In the hardware cryptographic core architecture, hardware Direct Memory Access (DMA) engines move data to and from encryption and authentication engines. The encryption engines apply the cryptographic algorithm to the data, and the authentication engines authenticate some or all of the datagram containing the encrypted data. Further, the encryption and authentication engines are also implemented in hardware. In the hardware scenario, the architecture includes hardware protocols (e.g., Internet Protocol Security (IPSec), Secure Real-time Transport Protocol (SRTP), High Assurance Internet Protocol Encryptor (HAIPE®), BULK) and parses the data stream and calculates encryption and authentication start and end points to program the encryption and authentication engines. In the hardware architecture, in the IPSec protocol for example, preprocessing and security features such as the Initial Vector (IV), Message Authentication Code (MAC), padding and others, are inserted in the outbound packet and removed from the inbound packet. When these and other encryption protocol requirements are changed or enhanced, the hardware design becomes out-of-date, must be re-designed taking into account the changes and enhancements, and must be reintroduced as a newly-programmed hardware chip. This process is an expensive and time-consuming way to upgrade a cryptographic algorithm.
Alternatively, the software cryptographic core architecture includes encryption and authentication engines comprising software. In that alternative, the software parses and processes the protocols and calculates the encryption and authentication start and end points in the data stream. Software core architectures typically suffer from the problem of being slow to do insertions and removals of various bytes (again using the IPSEC protocol as an example), such as the IV, MAC, padding and other preprocessing and security features that are inserted into the outbound packet and removed from the inbound packet.
Thus, the hardware cryptographic core architecture is a faster option for processing, but is not flexible enough to update protocols or add new protocols. In this scenario, modifications to the design and fabrication of a new chip for each new protocol update are expensive. The software cryptographic core architecture is flexible, but its processing performance is low and is not always suitable for high-speed security systems. Furthermore, conventional systems typically manage security protocol information external to the cryptographic core.
Accordingly, there is a desire for an architecture that gives the flexibility to add new protocols or update current protocols by eliminating new chip re-fabrication requirements and a reduction in time-to-market, while also providing improved speed and throughput compared to software cryptographic core architectures.